By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

When Apple Computer Inc. started running commercials earlier this year featuring a stuffy, suit-and-tie-clad guy playing the role of a PC and a scruffy, laid-back guy in jeans and a t-shirt representing the Mac, one segment in particular raised a lot of eyebrows in the IT security community.

Surely, security experts said, the day will come when Macs will get attacked and Apple will live to regret that commercial. Natalie Lambert, an analyst with Cambridge, Mass.-based Forrester Research, said as much in SearchSecurity.com's Security Wire Weekly podcast last week.

Irritation over Apple's boastfulness was apparent in the blogosphere this week, with the Security Curve blog comparing the situation to a South Park episode where everyone is so pleased with themselves for driving hybrid cars that a gigantic "cloud of smug" forms over the town, threatening to cause the end of the world.

People in the South Park episode went around saying things like, "I prefer to be part of the solution rather than part of the problem and holding themselves up on a pedestal because they're so great," the blog said, adding that Apple's current attitude about security is no different.

About Security Blog Log

Senior News Writer Bill Brenner peruses security blogs each day to see what's got the information security community buzzing. In this column he lists the weekly highlights. If you'd like to comment on the column or bring new security blogs to his attention, contact him at bbrenner@techtarget.com.

Now, the blog noted, Apple has followed the no-viruses commercial with a
new one in which the PC guy wears a trench coat and tries not to be recognized by spyware, while the Mac guy is relaxed and carefree.

"Apparently, Mac's don't get malware, and they don't get spyware. Behold the power of marketing," Security Curve grumbled. In the end, the blog said, there's no technical reason why Macs can't be pelted with malware, suggesting that it will happen sooner or later.

Security Curve noted that computing platforms are built to allow the user to manipulate the environment, and that if a user can do it, a user's agent can do it. Since there is no way to know user intent programmatically, if a user's software agent can do it, malware can do it, the blog said.

For example, if a user can install software that gets launched at boot and uses system resources, then spyware can install software that gets launched at boot and uses system resources, Security Curve said. If a user can reformat the disc, malware can reformat the disc, the blog noted.

Sooner or later, people buying Macs based on these flawed assumptions will get a wake-up call.Security Curve weblog,

"But buy in to Apple's message, and it seems like there's something magical about Mac that defies this -- somehow once software is undesirable to the user, it can longer be installed on the system," Security Curve continued. "Sooner or later, people buying Macs based on these flawed assumptions will get a wake-up call."

The blog entry attracted a healthy trail of responses, some of which defend Apple.

"For six years now commentators have again and again promised that anytime now the sky would fall and all those smug Mac users would rue the day," one blogger wrote. "However, this has still not happened. With 116,000 viruses and worms, 68,000 bits of spyware and adware, countless Trojans, keyloggers etc, Windows remains infinitely more malware-ridden."

Apple is simply stating a fact in its commercials that today's malware doesn't affect the Mac, the blogger said, asking, "What is so unethical about that?"

A couple of years ago, he said, when a vulnerability like this was released, a worm usually wasn't far behind, and "not just a basic worm, (but) the kind that can infect hundreds of thousands of machines quickly. After all, we've been expecting that to happen given what we saw in the past with MS05-039 (Zotob, which really was a bot), MS04-011 (Sasser) and MS03-039 (Blaster)."

But this is 2006, he said, and for whatever reason, "we're beyond simple worms."

At this point, Nazario plans to stick with the blog, though he said he'll probably adjust the subject matter to fit the times.

"Don't be surprised if you see more botnet stuff on here because of such changes," he said. "I think that there's still interesting research going on in worms and not just in bots, and I'll keep digging for it."

E-Handbook

0 comments

E-Mail

Username / Password

Password

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy